Skip to content

Show audit rules per object #716

Show audit rules per object

Show audit rules per object #716

Workflow file for this run

# GitHub action recipe
# preconditions:
# - Install Java
# > wget https://download.oracle.com/java/17/latest/jdk-17_linux-x64_bin.rpm
# > rpm -Uvh jdk-17_linux-x64_bin.rpm && rm jdk-17_linux-x64_bin.rpm
# - Install Chromium for the dependencies needed by playwright:
# - Install jRuby
# > curl -sSL https://get.rvm.io | bash
# > source "$HOME/.rvm/scripts/rvm"
# > rvm install ${JRUBY_VERSION}
# > rvm --default use ${JRUBY_VERSION}
# > gem install bundler
name: Panorama CI
on:
push:
schedule:
# * is a special character in YAML so you have to quote this string, runs each day to keep the free autonomous DB alive
- cron: '0 0 * * *'
jobs:
setup:
runs-on: self-hosted
steps:
- name: Remove orphanded DB containers older than 1 hour from previous runs
run: |
docker ps --filter "name=DB*" | grep "hours ago\|days ago|weeks ago" | awk '{print $1}' | xargs -r docker rm -f
# !!! Remember to adjust the "needed" jobs in build_docker and build_jar if changing the test jobs here !!!
test_autonomous_PDB: { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "autonomous", container: "PDB", max_parallel: 1 }, secrets: "inherit"}
test_11_2-ee: { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "11.2.0.4-ee", container: "PDB", max_parallel: 4 }, secrets: "inherit"}
test_12_1-ee: { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "12.1.0.2-ee", container: "PDB", max_parallel: 4 }, secrets: "inherit"}
test_12_2-ee_CDB: { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "12.2.0.1-ee", container: "CDB", max_parallel: 4 }, secrets: "inherit"}
test_12_2-ee_PDB: { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "12.2.0.1-ee", container: "PDB", max_parallel: 4 }, secrets: "inherit"}
#test_18_3-ee_CDB: { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "18.3.0.0-ee", container: "CDB", max_parallel: 4 }, secrets: "inherit"}
#test_18_3-ee_PDB: { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "18.3.0.0-ee", container: "PDB", max_parallel: 4 }, secrets: "inherit"}
test_18_4-xe_CDB: { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "18.4.0.0-xe", container: "CDB", max_parallel: 4 }, secrets: "inherit"}
test_18_4-xe_PDB: { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "18.4.0.0-xe", container: "PDB", max_parallel: 4 }, secrets: "inherit"}
#test_19_10-ee_CDB: { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "19.10.0.0-ee", container: "CDB", max_parallel: 4 }, secrets: "inherit"}
test_19_10-ee_PDB: { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "19.10.0.0-ee", container: "PDB", max_parallel: 4 }, secrets: "inherit"}
test_19_10-se2_CDB: { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "19.10.0.0-se2", container: "CDB", max_parallel: 4 }, secrets: "inherit"}
test_19_10-se2_PDB: { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "19.10.0.0-se2", container: "PDB", max_parallel: 4 }, secrets: "inherit"}
test_21_3-ee_CDB: { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "21.3.0.0-ee", container: "CDB", max_parallel: 4 }, secrets: "inherit"}
test_21_3-ee_PDB: { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "21.3.0.0-ee", container: "PDB", max_parallel: 4 }, secrets: "inherit"}
test_21_3-se2_CDB: { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "21.3.0.0-se2", container: "CDB", max_parallel: 4 }, secrets: "inherit"}
test_21_3-se2_PDB: { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "21.3.0.0-se2", container: "PDB", max_parallel: 4 }, secrets: "inherit"}
# test_23_4-free_PDB: { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "21.4-free", container: "PDB", max_parallel: 4 }, secrets: "inherit"}
test_23_5-free_CDB: { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "23.5.0.24-free", container: "CDB", max_parallel: 4 }, secrets: "inherit"}
test_23_5-free_PDB: { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "23.5.0.24-free", container: "PDB", max_parallel: 4 }, secrets: "inherit"}
build_docker:
runs-on: self-hosted
needs: [test_autonomous_PDB, test_11_2-ee, test_12_1-ee, test_12_2-ee_CDB, test_12_2-ee_PDB, test_18_4-xe_CDB, test_18_4-xe_PDB, test_19_10-ee_PDB, test_19_10-se2_CDB, test_19_10-se2_PDB, test_21_3-ee_CDB, test_21_3-ee_PDB, test_21_3-se2_CDB, test_21_3-se2_PDB]
steps:
- name: Check out code
uses: actions/checkout@v2
- name: Get version numbers
run: |
echo "JRUBY_VERSION=`cat .ruby-version | cut -c 7-13`" >> $GITHUB_ENV
echo JRUBY_VERSION=$JRUBY_VERSION
PANORAMA_VERSION=`cat config/application.rb | grep "VERSION =" | cut -d " " -f5 | sed "s/'//g"`
echo "PANORAMA_VERSION=$PANORAMA_VERSION" >> $GITHUB_ENV
echo PANORAMA_VERSION=$PANORAMA_VERSION
- name: Build and local push Docker image
run: |
for FROM in `grep "^FROM" Dockerfile | grep -v scratch | awk '{print $2}' | tail -n1`; do
echo "Ensure using latest version of $FROM"
docker pull $FROM
done
docker build --build-arg JRUBY_VERSION=$JRUBY_VERSION -t ghcr.io/rammpeter/panorama:latest .
docker login -u rammpeter -p ${{ secrets.GITHUB_TOKEN }} ghcr.io
docker push ghcr.io/rammpeter/panorama:latest
- name: Test Docker image
run: |
echo "Test docker image"
- name: Final push Docker image
run: |
# Check if release already exists
# Ensure that exit code != 0 does not stop the build
set +e
docker pull ghcr.io/rammpeter/panorama:$PANORAMA_VERSION
if [[ $? -eq 1 ]];then
echo "Image with release $PANORAMA_VERSION does not exist, deploying"
set -e
docker tag ghcr.io/rammpeter/panorama:latest ghcr.io/rammpeter/panorama:$PANORAMA_VERSION
docker push ghcr.io/rammpeter/panorama:$PANORAMA_VERSION
docker login -u rammpeter -p ${{ secrets.DOCKER_IO_API_KEY }} docker.io
docker tag ghcr.io/rammpeter/panorama:latest docker.io/rammpeter/panorama:$PANORAMA_VERSION
docker push docker.io/rammpeter/panorama:$PANORAMA_VERSION
docker tag ghcr.io/rammpeter/panorama:latest docker.io/rammpeter/panorama:latest
docker push docker.io/rammpeter/panorama:latest
else
echo "Image with release $PANORAMA_VERSION already exists, no deployment"
fi
build_jar:
runs-on: self-hosted
needs: [test_autonomous_PDB, test_11_2-ee, test_12_1-ee, test_12_2-ee_CDB, test_12_2-ee_PDB, test_18_4-xe_CDB, test_18_4-xe_PDB, test_19_10-ee_PDB, test_19_10-se2_CDB, test_19_10-se2_PDB, test_21_3-ee_CDB, test_21_3-ee_PDB, test_21_3-se2_CDB, test_21_3-se2_PDB]
steps:
- name: Check out code
uses: actions/checkout@v2
- name: Get version numbers
run: |
echo "JRUBY_VERSION=`cat .ruby-version | cut -c 7-13`" >> $GITHUB_ENV
echo JRUBY_VERSION=$JRUBY_VERSION
PANORAMA_VERSION=`cat config/application.rb | grep "VERSION =" | cut -d " " -f5 | sed "s/'//g"`
echo "PANORAMA_VERSION=$PANORAMA_VERSION" >> $GITHUB_ENV
echo PANORAMA_VERSION=$PANORAMA_VERSION
- name: Build jar
run: |
source "$HOME/.rvm/scripts/rvm"
rvm use --default jruby-$JRUBY_VERSION
bundle config deployment 'true'
bundle install --jobs 4
# Jarbler should not be part of Panorama.jar, therefore installed separately
gem install jarbler
./build_jar.sh
- name: Archive Panorama.jar
uses: actions/upload-artifact@v4
with:
name: Panorama.jar
path: Panorama.jar
- name: Test Panorama.jar
run: |
echo "Test Panorama.jar"
test/test_panorama_jar.sh
- name: Final deploy Panorama.jar
run: |
# Ensure that exit code != 0 does not stop the build
set +e
# Scan all releases for the version
curl -L -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/rammpeter/panorama/releases | grep tag_name | grep "$PANORAMA_VERSION"
if [[ $? -eq 1 ]];then
echo "Release with version $PANORAMA_VERSION does not exist, deploying"
set -e
# Create release
RES=`curl -L -X POST --silent \
-H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
https://api.github.com/repos/rammpeter/panorama/releases \
-d "{\"tag_name\":\"v$PANORAMA_VERSION\",\"target_commitish\":\"master\",\"name\":\"Release $PANORAMA_VERSION\",\"body\":\"Continous development\",\"draft\":false,\"prerelease\":false,\"generate_release_notes\":false}"`
RELEASE_ID=`echo $RES | jq ".id"`
if [[ "$RELEASE_ID" == "null" ]]; then
echo "Release creation failed! Response was:"
echo $RES
exit 1
fi
# Add asset to release
RES=`curl -L -X POST --silent \
-H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
-H "Content-Type: application/octet-stream" \
--data-binary @Panorama.jar \
"https://uploads.github.com/repos/rammpeter/panorama/releases/$RELEASE_ID/assets?name=Panorama.jar&label=Panorama.jar:%20Download%20and%20start%20with%20\"java%20-jar%20Panorama.jar\""`
URL=`echo $RES | jq ".url"`
if [[ "$URL" == "null" ]]; then
echo "Asset creation for release failed! Response was:"
echo $RES
exit 1
fi
else
echo "Release with version $PANORAMA_VERSION already exists, no deployment"
fi